It would appear you've done your part in trying to reach out (and subsequently failed), so the next step to go is dropping all traffic from it. Nothing wrong with trying to protect your own customer from people who cannot be bothered to do their own due diligence. On 8/11/2014 午前 12:19, Gabriel Marais wrote:
Hi Nanog
I'm curious.
I have been receiving some major ssh brute-force attacks coming from random hosts in the 116.8.0.0 - 116.11.255.255 network. I have sent a complaint to the e-mail addresses obtained from a whois query on one of the IP Addresses.
My e-mail bounced back from both recipients. Once being rejected by filter and the other because the e-mail address doesn't exist. I would have thought that contact details are rather important to be up to date, or not?
Besides just blocking the IP range on my firewall, I was wondering what others would do in this case?
Regards, Gabriel